CVE-2024-29890 Remote code execution in datalens-ui

DataLens is a business intelligence and data visualization system. A specifically crafted request allowed the creation of a special chart type with the ability to pass custom javascript code that would later be executed in an unprotected sandbox on subsequent requests to that chart. The problem w...

SQL Injection Vulnerability in Damon Qizhi Big Data Visualization System of Wuhan Damon Database Co.

Founded in 2000, Wuhan Damon Database Co., Ltd. is a leading database product development service provider in China. A SQL injection vulnerability exists in Wuhan Damon Database Co., Ltd's Damon Qizhi Big Data Visualization System, which can be exploited by attackers to obtain sensitive database...

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to operations occurring outside the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the execution of operations beyond the buffer in memory when processing CGM format files. Exploiting this vulnerability can allow attackers to execute arbitrary code...

mySCADA myPRO 操作系统命令注入漏洞

mySCADA myPRO is an HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO, which can be exploited by an attacker to inject arbitrary operating system commands...

Access Control Error Vulnerability in Multiple Schneider Electric Products (CNVD-2019-34802)

Schneider Electric MEG6501-0001-U.motion KNX server and others are a web-based visualization system from Schneider Electric France. The system is mainly used for KNX-based home and building automation. An access control error vulnerability exists in multiple Schneider Electric products, which can...

Access Control Error Vulnerability in Multiple Schneider Electric Products (CNVD-2019-34799)

Schneider Electric MEG6501-0001-U.motion KNX server and others are a web-based visualization system from Schneider Electric France. The system is mainly used for KNX-based home and building automation. An access control error vulnerability exists in several Schneider Electric products. An attacke...

The vulnerability of the autonomous configuration tool for the visualization and control system “U.motion Builder” arises from the use of a default password, allowing attackers to bypass the authentication process.

The vulnerability of the autonomous configuration tool for the U.motion Builder visualization and control system exists due to the use of a default password. Exploiting this vulnerability allows an attacker to bypass the authentication process remotely...